New Kaseya Survey Highlights Static Maturity Levels and Security Gaps

The global study examines the state of IT operations for the SMB and midmarket sector, highlighting emerging trends.

Allison Francis

September 5, 2019

5 Min Read
Young woman looks at word Survey on desktop computer.

Kaseya just dropped its fifth annual global “2019 State of IT Operations for Small and Midsize Businesses” survey, with more than 400 participants offering new insights into how IT groups for small and midsize businesses are progressing as IT management demands and external threats grow in number and complexity.

The survey highlights two important primary takeaways: stagnant growth in maturity among SMB and midmarket businesses, and the clamor for proactive IT management.

The data from the study throws into sharp relief the struggles of the sector, highlighting the fact that SMBs and midmarket enterprises have shown no improvement in IT maturity levels in three years. In addition, the data revealed that security is a top priority for these businesses, which recognize the need for urgent and robust protection against increasingly sophisticated cyberattacks and high-profile breaches.


Kaseya’s Mike Puglia

“Fifty-seven percent of the people we surveyed said that security is their top priority, which is significantly higher than last year,” says Mike Puglia, chief marketing officer at Kaseya. “Given everything we’re seeing with breaches, it’s no wonder that percentage is being driven up. It wouldn’t surprise me if it goes up to 70% percent or higher next year.”

According to the survey, 32% of respondents experienced a security breach in the past five years, down slightly from 35% in 2018 with at least 10% of participants saying that they were breached in the past year.

The data also showed that there is much room for improvement concerning automated software patch management among most SMBs. Only 42% of respondents automate or plan to automate patch management, and the same percentage monitor third-party software and apply critical patches within 30 days.

This is a significant gap, given that security breaches are too often the result of a failure to patch in a timely manner. It’s the poster for reactive vs. proactive. More than one-half of respondents marked automated patching as an important area for improvement.

“Hackers are often able to get in through very simple means,” says Puglia. “It’s almost impossible to stop things like phishing attacks, because people inherently want to be helpful. They will click something, and once the hacker gets in, it’s kind of inside an exposed underbelly situation. If you’re not keeping things patched and up to date, and you’re just hoping that the computer automatically updates itself, it’s a hacker’s paradise.”

Puglia goes on to say that vulnerability scanning and patching of all systems on a regular, consistent basis should be everyone’s top, No. 1 priority.

Overall, it’s no surprise that improving security is at the tiptop of the IT priority list for 57% of SMBs, up from 54% in 2018 and 40% in 2017. Slow as it may be, the rise is encouraging.

The survey also touched on cloud backup and disaster recovery. Nearly 90% of respondents claim they back up their servers.

Here’s the glitch. Only 29% of folks back up their SaaS application data (Microsoft Office 365, G Suite, Salesforce and so on), showing no improvement from 2018. The culprit? There’s a significant knowledge gap here, a lack of ownership and understanding that SaaS data backup for anything longer than 30 days is typically the customer’s responsibility, and that there’s a huge risk in not doing so.

As companies haul their critical apps over to the cloud, backing up their SaaS application data is a must.

The other major takeaway from the survey points is the lull in IT maturity. According to the press release, this is defined by a collective set of IT management capabilities and indicative of what the IT department can do for the growth of a business.

Without sugarcoating things, the survey points out that IT maturity has not improved over the past three years.

According to the data, more than one-half of respondents have consistently been …

… at the two lowest levels of IT operational maturity. And it’s no wonder. When asked about their IT management capabilities, many are in “constant firefighting mode,” as it’s described. About 35% of respondents are at the lowest level of IT operational maturity (reactive), 21% are at the second level of maturity (efficient), while only 11% of respondents said they have a strategic role in driving business innovation (strategic level of maturity).

“We found that the small to midsize businesses often end up on the more reactive side of things because they’re usually under the gun for resources, be it money, number of people [and so on],” says Puglia.

Puglia goes on to say that the adoption of modern information technology solutions has the ability to transform the structure and daily operations of today’s IT teams, which will allow companies to meet ever-increasing customer expectations and security threats head on.

Other findings from the study include:

  • Conflicting service-level priorities: Delivering higher service levels remains among the top priorities in 2019, but is at odds with a decline in the percentage of respondents that have formal service level agreements (SLAs). Over the past three years, the percentage of respondents without formal SLAs in place has increased, from 35% in 2017, to 39% in 2018, to 43% in 2019.

  • Increasing influence of IT departments in the C-suite: The degree of influence of the head of the IT department on company-wide decision making has risen considerably in the past three years. Nearly half of all respondents state that the head of the IT department has a great deal of influence in C-level decision making in their company.

  • GDPR gains ground in compliance: While HIPAA and PCI remain at the top of the list of compliance regulations in 2019, GDPR moved to the third spot from sixth in 2018, in line with the regulation’s implementation in May 2018.

Read more about:

MSPsChannel Research

About the Author(s)

Allison Francis

Allison Francis is a writer, public relations and marketing communications professional with experience working with clients in industries such as business technology, telecommunications, health care, education, the trade show and meetings industry, travel/tourism, hospitality, consumer packaged goods and food/beverage. She specializes in working with B2B technology companies involved in hyperconverged infrastructure, managed IT services, business process outsourcing, cloud management and customer experience technologies. Allison holds a bachelor’s degree in public relations and marketing from Drake University. An Iowa native, she resides in Denver, Colorado.

Free Newsletters for the Channel
Register for Your Free Newsletter Now

You May Also Like